back to article Now Chinese-made drones rubbing US govt up the Huawei: 'Strong concerns' DJI kit threat to national security

A US government agency has claimed drones pose a threat to national security in an echo of its wider campaign against all things Chinese. According to the Department of Homeland Security (DHS), drones from China (therefore meaning DJI, the world's biggest manufacturer of the kit) "contain components that can compromise your …

  1. Anonymous Coward
    1. Captain Scarlet Silver badge
      Unhappy

      and stuff made in the UK

  2. TRT Silver badge

    This is one relationship...

    that's gone from sweet...

    (•_•) / ( •_•)>⌐■-■ / (⌐■_■)

    ...to sour.

    YEEEEEEEEAAAAAAAAAAAAHHHHHHHHHHHH!!!!"

  3. Dan 55 Silver badge

    Irony meter asplodes

    "The United States government has strong concerns about any technology product that takes American data into the territory of an authoritarian state that permits its intelligence services to have unfettered access to that data or otherwise abuses that access," the memo continued.

    1. MiguelC Silver badge
      Coat

      Re: Irony meter asplodes

      An 11 on the Morissette scale

    2. big_D Silver badge
      Facepalm

      Re: Irony meter asplodes

      "We aren't authoritarian, so when we do that, it is fine, but other countries doing that? Why, that is un-American!"

  4. Gordon 10
    Big Brother

    FTFY

    This seems to be a recurring set of problems with rapidly expanding Chinese tech companies selling into Western markets.

    There are no geographic limits on stupidity and cutting corners.

    1. DerekCurrie
      Big Brother

      Re: FTFY

      I agree and elaborate upon that theme in my long post below. Expect every Chinese company to bow down to the wishes of its totalitarian government. And yet it is unrealistic to expect reliable security from any other source thanks to the basic trend across the world of security technology incompetence.

  5. Doctor Syntax Silver badge

    "The United States government has strong concerns about any technology product that takes American data into the territory of an authoritarian state that permits its intelligence services to have unfettered access to that data or otherwise abuses that access,"

    The rest of us have strong concerns about any technology that takes our data into the territory of the United States government that permits its intelligence services to have unfettered access to that data or otherwise abuses that access.

    1. stiine Silver badge

      damn it

      So do we.

    2. KenBW2

      GDPR

      Doesn't 'murca think things like GDPR are socialist dictats?

      1. JohnFen

        Re: GDPR

        This 'murcan doesn't.

  6. Anonymous Coward
    Anonymous Coward

    Pot here

    Y'all are black, kettle

  7. Chris G

    How long before they get round to Chinese restaurants and fortune cookies disseminating unamerican propaganda?

    1. Anonymous Coward
      Anonymous Coward

      Well, the last time I had a fortune cookie in the US of A, it said "He walks as one who has had the flesh stripped from his back" (no, really). So that's definitely un-American, because Americans would never, ever torture anybody. Nope, not ever.

  8. JohnFen

    Start offering evidence

    If the US government is going to keep up with this type of stuff, they really need to start offering some sort of actual evidence for their accusations. Expecting everyone to just take them at their word for this stuff is expecting too much.

    1. Joe W Silver badge

      Re: Start offering evidence

      seems to work when invading other countries[1]... so why not in this case as well?

      [1] though they had the "decency" to at least show some "evidence" then

      1. rdhood

        Re: Start offering evidence

        Here is the thing.. all of these damned "internet of things" companies ... of all countries... want to take your data and offer it back to you "on demand" through their servers. So you want internet access to you home video? You need a Google/facebook/Huawei/Mi/younameit account. They ALL hobble their products unless you give them access. Could any of these companies offer RTSP service on their cameras so that you could stream to YOUR OWN server and keep your data private? SURE! DO ANY of these companies allow this? HELL NO. They want your data, and to charge you to make it available to YOU on demand. What a F'n Racket.

        1. Kernel

          Re: Start offering evidence

          "So you want internet access to you home video? You need a Google/facebook/Huawei/Mi/younameit account."

          Or you could go to your local electronics store, purchase a few cameras, an off the shelf security video server and something of the nature of a Raspberry Pi and set up a VPN to allow you remote access to your own standalone system - no accounts needed.

          Your statement might be valid on a consumer forum, but I'd like to think that here we can come up with a few more options.

          1. JohnFen

            Re: Start offering evidence

            100% this. I have internet access to a whole bunch of things in my home, but none of them require the use of third-party servers or communications to or from any machine or software outside of my control.

          2. Unbelievable!

            Re: Start offering evidence

            Your statement might be valid on a consumer forum, but I'd like to think that here we can come up with a few more options

            Happy to have your help: I have a Motorola 73 motorised camera. it's impossible to use unless the communications go through their servers. I've picked apart the mobile app, i spent days on it alone. I also spent 3 days delving into the device itself. the best you can get is a mere 240p constant stream of jpg images, very, very slowly.

            So.. help me out. how do i untether it and make it my OWN controllable camera?

            1. JohnFen

              Re: Start offering evidence

              "how do i untether it and make it my OWN controllable camera?"

              I think the best solution is to not use that camera, and put together one that isn't locked into an ecosystem.

              But, barring that, you'll need to do a little reverse-engineering. Identify the motor driver control lines, the video signal line, etc. Cut the traces that go to the microcontroller, and then install your own microcontroller that runs the thing instead.

            2. Kernel

              Re: Start offering evidence

              "So.. help me out. how do i untether it and make it my OWN controllable camera?"

              The obvious solution, and the one that I had in mind, was not buying a camera that was tethered to a cloud server in the first place - my local electronics store has a number of such devices available off the shelf - they even sell complete systems with cameras and server that you can install at home and configure however you want.

              As with many technical things, research before purchase, not purchase before research.

              For a start, here is one link to setting up the necessary VPN server at your home - as a side advantage, once you've got this set up and working you will have secure* access to all your home network, including any NAS, printers, etc. I also use it when connected to public WiFi as I am confident that my fibre connection at home is less easy to hack than some random WiFi access point with the password prominently displayed.

              https://pimylifeup.com/raspberry-pi-vpn-server/

              If you enter "set up vpn server on rasp pi" into DuckDuckGo (or Google, if you must) you will get a number of links that will guide you through doing this, some may suit your needs better than others.

              I personally have found DuckDNS to be a reliable way of dealing with having a dynamic IP address on my home internet connection, but I've no doubt there are other such services for a similar price ie., free. I've set my system up to ping DuckDNS every 5 minutes, so I'm never more than 5 minutes away from being able to access my VPN should the IP change.

              *secure against the casual hacker, not necessarily secure against determined law enforcement, criminals or government level spooks.

              1. Anonymous Coward
                Anonymous Coward

                Fixed IP address

                PlusNet do it for a one-off fiver last time I saw.

          3. rdhood

            Re: Start offering evidence

            My reply only goes to the point that EVERY company does this. Not just Huawei. And I dont trust google/facebook/mi any more than Huawei. They ALL want your data. Yes, there are other ways to do this, but that was not my point. They ALL do it is my point.

      2. Paratrooping Parrot
        FAIL

        Re: Start offering evidence

        You know that whatever the Americans say, Britain will agree. When I say Britain, I mean whoever is in power, whether it's May or whoever Murdoch supports.

        1. Steve Davies 3 Silver badge

          Re: Britain will agree with the americans

          Not when Corbyn gets into Number 10. He'll be on the phone directly to his pal Putin rather than going through the sockpuppet that is Trump.

          /s /s /s

      3. _LC_
        Devil

        Re: Start offering evidence

        Lately, they are having trouble to make it work:

        https://www.thenational.ae/world/the-americas/us-suspects-syria-in-new-chemical-attack-and-threatens-reprisal-1.864615

        "US suspects Syria in new chemical attack and threatens reprisal"

        They keep airing the same episode, over and over. Apparently, somebody's in dire need of new writers. ;-)

    2. KenBW2

      Re: Start offering evidence

      >they really need to start offering some sort of actual evidence for their accusations. Expecting everyone to just take them at their word for this stuff is expecting too much.

      Unfortunately I'm not as hopeful as you

    3. big_D Silver badge

      Re: Start offering evidence

      Yes, all theoretical so far.

      On the other hand, all Cisco kit released since 2013 is vulnerable to a hardware fault in its implementation of secure boot. Didn't hear the FTC calling for a ban on all Cisco kit.

    4. DerekCurrie
      Big Brother

      Re: Start offering evidence

      "...they really need to start offering some sort of actual evidence for their accusations."

      Perhaps my research skills are unusual. But I collect evidence of China's hacking crimes against the world every day by simply watching for it across the Internet. I keep stacks of PDF saved documentation of China's hacking and robbery of IP in a folder marked "China- Criminal Nation." The flow of relevant articles into that folder never stops. It's my documentation of the behavior of a totalitarian, 'communist' nation. Anyone can see exactly the same documentation on the Internet if they care to bother. As such, it's impossible to believe that any Chinese company would NOT bow down to the surveillance demands of its government. I have to point to comments such as yours and call them:

      Profoundly naive.

      But as I elaborate in my long comment below, Chinese surveillance of the world is not the only issue. The larger issue is technology security incompetence across the entire world, including such US companies as Cisco and Intel and Ring, ad nauseam.

      1. JohnFen

        Re: Start offering evidence

        "I collect evidence of China's hacking crimes against the world every day by simply watching for it across the Internet."

        Sure, but that isn't evidence that the devices in question are compromised, and if their hacking crimes mean that none of their equipment can be trusted, then no equipment from any nation can be trusted.

        "It's my documentation of the behavior of a totalitarian, 'communist' nation."

        Sure. But again, that's not evidence about the equipment in question.

        "As such, it's impossible to believe that any Chinese company would NOT bow down to the surveillance demands of its government. "

        Agreed. But yet again, this is true for every nation.

        Your points are valid as far as they go, but in total, if that's the evidence then the US (and every other nation) should not be buying any equipment or chips made in any nation that isn't theirs.

        Singling China out on this stuff, barring actual evidence that the equipment is compromised, really only makes sense in the context of war -- the trade war and/or preparation for a shooting war.

    5. Anonymous Coward
      Anonymous Coward

      Re: Start offering evidence

      Maybe we could take up a collection to buy them a copy of Wireshark.

  9. Steve Davies 3 Silver badge
    Holmes

    In other words...

    anything not made by 'good ole boys' in the 50 states is plumb full of spyware, malware and other bad things.

    Carry on building that wall 'Merika. You are pissing off your allies right left and centre.

    1. big_D Silver badge
      Facepalm

      Re: In other words...

      Except that it has been proven the stuff made in 'Merika can be loaded with NSA spyware added en-route to customers outside the USA.

      So, you have a choice, pay a lot of money to be spied on by the USA or pay less money to be allegedly spied on by the Chinese...

      Hmm, tough decision. But as it is my money, I'll probably go with the cheaper option.

      1. Rameses Niblick the Third Kerplunk Kerplunk Whoops Where's My Thribble?

        Re: In other words...

        So, you have a choice, pay a lot of money to be spied on by the USA or pay less money to be allegedly spied on by the Chinese...

        I consider buying Chinese kit for home use a public service. It's generally cheaper and as reliable (YMMV) and IF the Chinese really are spying on the west through networking gear, I very much doubt they are particularly bothered by my shopping lists, home renovation plans or cake recipes. Therefore I am adding to the background noise they have to sift through to find anything useful.

        The USA is going about this all wrong. If they truly believe the Chinese are using consumer grade hardware to spy on the west, they should be encouraging uptake of it to increase the amount of nonsense the Chinese have to deal with. Really, it's everyone's patriotic duty!

        1. not.known@this.address

          Re: In other words...

          " Therefore I am adding to the background noise they have to sift through to find anything useful."

          There used to be a small number of people who would add meaningless drivel at the bottom of every email just to give certain spy agencies something to look at. Most of them stopped when it became clear that those agencies sometimes had trouble separating complete b0770cks from real spy chatter, and such a misunderstanding could result in either a lifelong ban on travelling to The House Of Mouse or, even less fun, a one-way trip to an extended vacation on a sub-tropical island that may or may not really exist...

          Of course, being on a science-fiction mailing list and discussing things like high-energy plasma weapons and orbital mechanics can also carry a degree of, ah, "excitement"...

          1. JohnFen

            Re: In other words...

            "Most of them stopped when it became clear that those agencies sometimes had trouble separating complete b0770cks from real spy chatter,"

            That's not why people largely stopped spookfooding. Everyone doing it was hoping that those agencies would have trouble separating spook food from the real thing -- that was the whole point. People stopped doing it because most people became aware that it was ineffective.

  10. Anonymous Coward
    Anonymous Coward

    contain components that can compromise your data

    the US is becoming a laughing stock in line with Russia, which has, for the last several years, shamelessly used its various "food standards" agencies, to put pressure on countries and to punish them for not acting in line with Russian visions. The Russians regularly see a middle finger by those countries in response, but will the world stick the middle finger to the Empire? Obviously, China will encourage such challenging behaviour, but in the long term, isn't it better to be fucked by an old master (and think of England), rather than invite a new one with pretty disturbing tastes...

    1. A.P. Veening Silver badge

      Re: contain components that can compromise your data

      invite a new one with pretty disturbing tastes

      I find the American lack of taste pretty disturbing.

      1. Chris G

        Re: contain components that can compromise your data

        "disturbing tastes"

        Try American Hershey chocolate, Twinky bars or Monterey Jack which is allegedly cheese.

        1. Steve Davies 3 Silver badge

          Re: Montorey Jack

          Ah... you mean barely edible rubber then.

        2. Mo'Fo B'dass

          Re: contain components that can compromise your data

          Don't forget Oreo's. <hawk><spit>

        3. TrumpSlurp the Troll
          Trollface

          Re: contain components that can compromise your data

          I thought Monterey Jack was a dick move?

  11. Will Godfrey Silver badge
    WTF?

    Have they completely lost the plot?

    It certainly looks like it from here.

    1. mics39
      Happy

      Re: Have they completely lost the plot?

      American drones are only good for killing and maiming people. Most of the rest of us don’t do such things so Chinese stuff is fine.

  12. Ken Mitchell

    Been Asleep Long?

    The Defense Department banned DJI drones from use or purchase a YEAR ago. Military personnel are forbidden from purchasing them, or using them on any military property. Like Huawei, it's a camel's nose in the tent, collecting intel and surveillance here at home for the PRC intel agencies.

    1. Kernel

      Re: Been Asleep Long?

      "Like Huawei, it's a camel's nose in the tent,"

      Does that mean that Cisco is the camel's arse?

      1. Anonymous Coward
        Anonymous Coward

        Re: Been Asleep Long?

        ""Like Huawei, it's a camel's nose in the tent,"

        Does that mean that Cisco is the camel's arse?"

        'yes' to both.

    2. Anonymous Coward
      Anonymous Coward

      Re: Been Asleep Long?

      Like Huawei, it's a camel's nose in the tent, collecting intel and surveillance here at home for the PRC intel agencies.

      I never stop to marvel how we always tend to interpret other people's actions in terms of our own intent, so very rarely even trying to figure out theirs. It's a human thing to do, but as the sole basis for state policy it seems to lack certain finesse.

  13. Anonymous Coward
    Anonymous Coward

    I'm guessing the resale value of my Mavic will go up soon.

  14. Andy Denton

    FTFY

    "The United States government has strong concerns about any technology product that is sufficiently competitive with or is demonstrably ahead of American technology and will do anything in its power to sabotage said product(s) and deny 'free' market access"

    1. EnviableOne Silver badge
      Pint

      Re: FTFY

      Shame i can only give this one UP vote, have a beer.

      no US firm is anywhere near DJI in consumer drones, and Huawei are leagues ahead in 5G

    2. sanmigueelbeer Silver badge

      Re: FTFY

      The United States government has strong concerns about any technology product that is sufficiently competitive with or is demonstrably ahead of American technology and will do anything in its power to sabotage said product(s) and deny 'free' market access

      And this doesn't make any sense.

      China has had >50 years of reverse-engineering products and selling them in the open market at a fraction of the cost.

      The biggest challenge for them, lately, is the software side. Particularly when softwares can hide "easter eggs".

      World and business leaders are still too terrified to action any copy write infringements.

      You can't close Pandora's Box once it's open.

      Software may be dodgy. Product may be crap. However, at the end of the day, China will still continue to copy other people's product and ideas without any care in the world. Anything and everything is "fair game".

      So after DJI and Huawei, who's next? Xiaomi? ZTE?

  15. JaitcH
    FAIL

    Brain Dead Trump Forgets . . .

    that China is the largest supplier / source of rare earth materials used in communications.

    Another dumb move.

    1. Chris G

      Re: Brain Dead Trump Forgets . . .

      There are sources of rare earths in Afghanistan but the CIA are too busy growing opium there to develop mining.

      There efforts being made to develop alternative sources closer to home but it's a slow business with environmental concerns.

  16. DerekCurrie
    Big Brother

    If Only The Chinese Tech Concerns Were Merely About Competition

    But they're not. Judging simply from China's hacking behavior over the past 20 years, since 1998, the year China was granted 'Most Favored Nation' status by the USA, there is no reason whatsoever to trust any company in China to be immune from their government's surveillance mandates. China surveils its own citizens with strict and invasive discipline. That's entirely accepted knowledge, especially inside China. China surveils and steals from nations and companies across the world. That's also entirely accepted knowledge. Ask any/every US government agency as well as any creative technology company in the country. The examples are plentiful. As such, there really, seriously, honestly is no reason to entrust Internet communication security to any Chinese company. Every Chinese company must comply with any and all demands of its government. That's what totalitarianism is all about. We can debate and divert and disagree all we like. But this is the state of affairs regarding China. It's showing no signs of changing.

    And yes, every expression of the actual state of Chinese businesses is met on the Internet with a barrage of utter propagandist BS to the contrary. I suspect this post will suffer the same.

    Meanwhile, there's the issue of incompetence. It's easy to point at Chinese technology company incompetence. Huawei has pulled some outrageous security blunders so far in 2019 alone. Simply from the perspective of requiring quality materials over cheaply made, slap dash crapware, Huawei is to be avoided. HOWEVER! I can point at Cisco Systems hardware and say EXACTLY the same thing! As such, requiring quality materials means Cisco is to be avoided! You'd think Chinese companies, building hardware and software from stolen intellectual property, would constantly stumble, fumble and bumble, seeing as they didn't invent any of it and therefore cannot entirely understand it. But the USA has plenty of entrepreneurial, inventive, creative companies who, from my perspective, stumble, fumble and bumble their hardware and software. Security is universally expected to be a failure at this point, no matter the source.

    IOW: Avoiding Huawei 5G hardware is a brilliant strategy for the entire world! But whether it's deliberate or inadvertent, expect crap security from everyone else's 5G hardware as well. Not kidding. Let's make some popcorn and watch the show...

  17. Anonymous Coward
    Anonymous Coward

    Somebody in the US of A must be pissed because of the planned 5G rollout and oodles of dosh that some companies will be making... think all this is major sour grapes.

  18. Chozo
    Devil

    Angel Has Fallen

    Movie coming out where drones are used in an attempt to assassinate the US president, do you think somebody is paranoid?

    https://m.imdb.com/title/tt6189022/videoplayer/vi449887257?ref_=m_tt_ov_vi

  19. Velv
    Pirate

    It's going to be interesting to see just how quickly the shelves in US shops become bare when all the products with Chinese components are removed.

  20. Claptrap314 Silver badge

    Ban DJI first

    You know those locations that they are required to have mapped so that the drones won't go there? What happens if the drones all decide that those are the places that they ARE going to go?

    There is a really weird disconnect for me on these forums. On the one hand, we instantly and vociferously decry security vulnerabilities of all kinds in general. On the other, there is this demand that the US ignore supply chain vulnerabilities when relating to a government that has maintained a constantly aggressive rhetoric towards it for at least three decades.

    Again: expect any major government to enlist whatever corporations that are based in its jurisdiction in war. Expect any quasi-intelligent government to include a fairly broad definition of "war", and to prepare for eventualities.

    I _expect_ the EU to take a dim view of dependence on US tech for its core infrastructure. It's not the US's fault if the EU still doesn't want to pay the cost of security.

    1. JohnFen

      Re: Ban DJI first

      "On the other, there is this demand that the US ignore supply chain vulnerabilities when relating to a government that has maintained a constantly aggressive rhetoric towards it for at least three decades."

      I don't see that at all. I suspect that the vast majority here would agree that supply chain vulnerabilities need to be addressed. The point I see being made is simple -- why is all the concern directed at China when the risk comes from all nations?

      Addressing China specifically doesn't do what's required to address supply chain vulnerabilities. The entire supply chain, regardless of the nation involved, has to be addressed. Since that's not what the US is doing, the only logical conclusion to reach is that this has nothing to do with security, and everything to do with engaging in an economic war with China.

      1. Claptrap314 Silver badge

        Re: Ban DJI first

        If someone went on FB, and posted that they were going to drive by your house, and plant a WiFi snooper to steal your credit cards, what would you do?

        China has an official policy of going after us in this regard. Taking them at their word and reacting appropriately is really basic.

  21. x 7

    The UK government is currently worried by the rapid expansion over the last two years of the chinese into the massage parlour industry in the UK

    The number of parlours, and the number of chinese girls working in them is growing exponentially and is seen as a deliberate policy by the chinese underworld gangs. Besides the money earned from prostitution, the parlours are fronts for laundering the cash from more exotic crimes, and gives the chinese government a ready support network for the increasing number of spies embedded in British industry

  22. Anonymous Coward
    Anonymous Coward

    This whole sort of thing...

    This whole sort of thing should free-up bandwidth on the undersea FO cables, thus making it easier to watch the sumo basho at full resolution without drop-outs.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like